从Libreswan路由模式到DRG的IPSEC隧道

时间:2019-03-21 15:26:38

标签: oracle-cloud-infrastructure

我有一种情况,我想从Libreswan连接到DRG。我遵循了官方文档: https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/libreswan.htm 隧道已建立,但没有流量在流动。 我的配置是:

    config setup
plutoopts="--perpeerlog"
protostack=auto
conn oracle-tunnel-1
left=DRG tunnel 1 public IP address
right=192.168.12.4
rightid=Libreswan public IP # See preceding note about 1-1 NAT device
authby=secret
leftsubnet=0.0.0.0/0
rightsubnet=0.0.0.0/0
auto=start
mark=5/0xffffff1 # Needs to be unique across all tunnels
vti-interface=vti1
vti-routing=no
encapsulation=no
conn oracle-tunnel-2
left=DRG tunnel 2 public IP address
right=192.168.12.4
rightid=Libreswan public IP # See preceding note about 1-1 NAT device
authby=secret
leftsubnet=0.0.0.0/0
rightsubnet=0.0.0.0/0
auto=start
mark=5/0xffffff2 # Needs to be unique across all tunnels
vti-interface=vti2
vti-routing=no
encapsulation=no

隧道打开:

    #1: "oracle-tunnel-1":500 STATE_MAIN_I4 (ISAKMP SA established);
EVENT_SA_REPLACE in 2847s; newest ISAKMP; lastdpd=-1s(seq in:0 out:0);
idle; import:admin initiate
#4: "oracle-tunnel-1":500 STATE_QUICK_I2 (sent QI2, IPsec SA established);
EVENT_SA_REPLACE in 27828s; newest IPSEC; eroute owner; isakmp#1; idle;
import:admin initiate
#4: "oracle-tunnel-1" esp.bbba50fa@DRG-IP esp.7db55be9@192.168.12.4
tun.0@DRG-IP tun.0@192.168.12.4 ref=0 refhim=0 Traffic: ESPin=0B
ESPout=0B! ESPmax=4194303B
#2: "oracle-tunnel-2":500 STATE_MAIN_I4 (ISAKMP SA established);
EVENT_SA_REPLACE in 2606s; newest ISAKMP; lastdpd=-1s(seq in:0 out:0);
idle; import:admin initiate
#3: "oracle-tunnel-2":500 STATE_QUICK_I2 (sent QI2, IPsec SA established);
EVENT_SA_REPLACE in 27837s; newest IPSEC; eroute owner; isakmp#2; idle;
import:admin initiate
#3: "oracle-tunnel-2" esp.9dfaf013@DRG-IP esp.43348c8c@192.168.12.4
tun.0@DRG-IP tun.0@192.168.12.4 ref=0 refhim=0 Traffic: ESPin=84B
ESPout=0B! ESPmax=4194303B

但是没有流量在流。

有什么想法吗?

0 个答案:

没有答案